Governance, Risk, and Compliance (GRC) with SAP S/4HANA Cloud 2302, Public Edition

Hello and welcome to the release highlights for Governance, Risk, and Compliance (GRC) with SAP S/4HANA Cloud, public edition 2302. This blog contains selected highlights from SAP Financial Compliance Management, SAP Document and Reporting Compliance, and at least but not SAP Privacy Governance, along with their business benefits and deep-dive system demos.

If you are interested in the SAP Strategy of Finance and Risk, check out this video:

Video 1: SAP’s Product Strategy for Finance and Risk 

To get a quick overview of our SAP S/4HANA Cloud 2302 highlights for Governance, Risk, and Compliance, watch this 3-minute video:

This blog covers the following topics:

SAP Financial Compliance Management

Global Tax

SAP Privacy Governance

• Automated Security Procedures for Managing Security Controls (6NL)

If you are also interested in what is new in the area of Finance, check out the blog ‘Finance in SAP S/4HANA Cloud, Public Edition 2302‘ by Ulrich Hauke.

SAP Financial Compliance Management

GRC Business Content Hub

The GRC business content hub is a tool that that allows partners to become content providers and offer content (for example, predefined controls) for SAP Financial Compliance Management through standardized packages to customers. Using ‘the Manage Business Content Objects’ and ‘Manage Business Content Packages’ apps, content providers can create, manage, and maintain content packages to be consumed by their own customers.

Value Proposition 

• Provides a scalable business model and distribution channel for content providers
• Enables efficient and fast consumption of predefined content for customers, such as controls and automated procedures

CapabilitiesContent can be:

• Provided by different parties via content packages
• Deployed in a standardized way
• Run out of the box
• Package can be updated by content provider
• Made available to the customer and ready to be installed as and when required

Figure 1: The new GRC business content hub for SAP Financial Compliance Management makes it possible for partners to also become business content providers.

Back to Top

Integration with SAP Signavio

The integration of SAP Signavio with SAP Financial Compliance Management enables you to monitor business critical processes in SAP Signavio  and carry out compliance-relevant checks on those processes to ensure their effectiveness.

Value Proposition

• Help ensure that process and control repositories are consistent in both SAP Signavio and SAP Financial Compliance Management
• Reduce the amount of manual maintenance, thereby saving time and effort

Capabilities

• Load processes directly from SAP Signavio
• Push controls from SAP Financial Compliance Management to SAP Signavio

Video 2: Demo – Integration of SAP Financial Compliance Management with SAP Signavio

Back to Top

Effectiveness Testing in SAP Financial Compliance Management

SAP Financial Compliance Management supports assurance activities that you can select to check the effectiveness of your compliance checks. The assurance activities enables you to find any blind spots in your compliance strategy by testing whether your controls function in the intended way. Furthermore, you can ensure that your organization meets all obligations to ensure financial compliance by checking that implemented controls are sufficient.

Value Proposition

• Profit from an assurance map based on the results from assurance activities
• Efficiently support second line-of-defense requirements for compliance use cases, such as compliance with the Sarbanes-Oxley Act (SOX)

Capabilities

• Create and implement manual and automated procedures for different assurance activities
• Test controls for efficiency
• Schedule work packages for different assurance activities

Fig. 2: With SAP Financial Compliance Management, it is now possible to check the effectiveness of your compliance checks

Back to Top

Tax

New Scenarios for Electronic Documents Processing with SAP Document and Reporting Compliance

Egypt

• New country version* in 2302
• Electronic invoice exchange through the Egyptian Tax Authorities (ETA)
• Electronic document processes in scope:
  • Customer Invoices
  • Supplier Invoices

Poland:

• Legal change mandating electronic invoice exchange of invoices through the National System of E-Invoices (KSeF).
• Electronic document processes in scope:
  • Customer Invoices
  • Supplier Invoices

Greece

• New country version* in 2302
• Upload of customer invoices, supplier invoices and entities’ own records to myDATA.

Manage Electronic Documents Fiori App (F4306) enabled for 27 new processes across 11 countries, including Japan, Egypt, Switzerland, Chile, India, Thailand, Saudi Arabia (phase 2), Spain (eFactura) and eOrder for Germany, Netherlands & Norway. Full scope can be found in SAP Help.

*New statutory reports are also included in the new country version, details available in SAP Help.

Fig. 3: With the 2302 release, you can exchange electronic invoices through the Egyptian Tax Authorities (ETA)

Back to Top

Video 3: Demo for Electronic Document Processing for Egypt

‘SAP Fiori App ‘Manage Electronic Documents’ for Monitoring and Processing Electronic Documents Across Countries

The ‘Manage Electronic Documents’ app enables you to stay compliant with local regulations on the use of electronic documents. You can create, submit, receive, and monitor electronic documents easily. Based on the SAPUI5 technology and SAP Fiori design guidelines, the app delivers consumer-grade user experience.

Value Proposition

• Supports electronic documents across a wide range of countries
• Provides a consistent, intuitive UI for countries, thus reducing user training costs
• Helps users increase efficiency in dealing with document errors

Capabilities

• Supports electronic documents in 24 countries, including: Australia, Austria, Belgium, Chile, Colombia, Denmark, Egypt, France, Germany,  India, Ireland, Italy, Japan, Luxembourg, Netherlands, New Zealand, Norway, Poland, Saudi Arabia, Singapore, Spain, Sweden, Switzerland, Thailand

• Provides error analysis support, including:
• Extraction of key error messages
• Document grouping by error category, error code, or other criteria
• Email notifications to people responsible for fixing errors
• Displays archived documents

Please Note

A country might use multiple electronic document types, such as e-invoices and e-delivery notes. The different electronic document types are enabled in phases. See the app documentation for details about which electronic document types are currently supported for a country.

Fig. 4: The ‘Manage Electronic Documents’ app allows you to easily create, submit, receive, and monitor electronic documents

Back to Top

Enhanced Review of Statutory Report Validation and Correction

SAP Document and Reporting Compliance allows you to comply with local regulations, including creation and submission of statutory reports to the governments on time and in the correct format. The Run Statutory Reports app provides you with an optimized overview of the statutory reporting tasks and allows to keep ahead of the submission deadlines. From this overview, you can generate reports which are automatically validated against the structure provided by the tax authorities. The results can be displayed in line with the corresponding report items, invalid values can be corrected and the file can be regenerated for submission. In addition, missing report items can be added and incorrect ones can be removed with full audit trail.

Value Proposition

• Increase the flexibility and simplify manual adjustment operations reducing the risk of noncompliance​
• Reduce effort for data corrections ​
• Validate both manually added rows and system-generated data to minimize errors​
• Increase usability and ease visualization of errors, warnings, and manual adjustments through color coding and in-line popover messages​
• Improve full audit trail including addition and deletion of report items

Capabilities

• Add or delete entire rows of tabular data​
• Use the copy option to add new rows of tabular data at any position as required​
• View and correct errors or warnings for generated values on the preview screen​
• Navigation to errors through filters and hierarchy-structure selection​
• Enable users to bypass errors when deemed to be false results

Video 4: System demo: Enhanced Review of Statutory Report Validation and Correction with the 2302 release

Back to Top

SAP Privacy Governance

Automated Security Procedures for Managing Security Controls (6NL)

Utilizing the automated procedure functionality of SAP Privacy Governance, the new scope item 6NL enables the integration of the solution to realize automatic detection on potential security risks in SAP S/4HANA Cloud. The deployed procedures here are used in the execution and monitoring of SOX, NIST and ISO270xx framework relevant controls. The procedures are therefore directly re-usable in SAP Financial Compliance Management for applied SOX compliance.​

Value Proposition

• With SAP Privacy Governance security procedures for managing security controls, SAP establishes effective means to centrally analyze and detect (cyber)security anomalies in your connected SAP S/4HANA Cloud system.

Capabilities 

• Automated procedures are assigned to controls and scheduled for (regular recurring) execution in target systems.
• Detected anomalies are pulled on line-item, user or role level and deployed into the issue and remediation management app for assessment.
• The 12 new procedures cover mainly user and authorization checks by looking e.g., for unlocked expired user accounts, assignments of SAP_ALL or SAP_NEW authorizations or violations against custom definable rules for standard users like DDIC, SAP* or TSMADM
• New scope item Security Risk Detection with SAP Privacy Governance (6NL)‎

Video 5: Demo for Automated Security Procedures for Managing Security Controls

Back to Top

Watch the Replays of Our SAP S/4HANA Cloud, Public Edition 2302 Early Release Series!

We’ve hosted a series of compelling live sessions from the heart of the SAP S/4HANA Engineering organization. Missed the live sessions? Watch our replays on demand!

Among the replays, you can find a 51-minute replay, a presentation, and demos for Governance, Risk, and Compliance (GRC) as part of the SAP S/4HANA Cloud, public edition 2302 release as well as 19 other sessions on diverse topics like manufacturing, finance, two-tier ERP, SAP User Experience, developer extensibility, and many more. For more information on the SAP S/4HANA Cloud, Public Edition Early Release Series and how to sign up for it, see this link.

For more information on SAP S/4HANA Cloud, check out the following links:

• GRC Collection Blog (roadmap, release highlights, microlearnings) here
• SAP S/4HANA Cloud release info: http://www.sap.com/s4-cloudrelease
• Latest SAP S/4HANA Cloud Release Blogs here and previous release highlights here
• Product videos on our SAP S/4HANA Cloud and SAP S/4HANA YouTube playlist
• SAP S/4HANA PSCC Digital Enablement Wheel here
• Early Release Webinar Series here
• Inside SAP S/4HANA Podcast here
• openSAP Microlearnings for SAP S/4HANA for Finance and GRC here
• Best practices for SAP S/4HANA Cloud here
• SAP S/4HANA Cloud Customer Community for Finance here
• Feature Scope Description here
• Help Portal Product Page here
• Implementation Portal here

Follow us via @SAP and #S4HANA, or myself via LinkedIn or @DeissnerKatrin